Exam CISM topic 1 question 914 discussion

Actual exam question from Isaca's CISM
Question #: 914
Topic #: 1

Of the following, who is MOST appropriate to own the risk associated with the failure of a privileged access control?

  • A. Data owner
  • B. Information security manager
  • C. Business owner
  • D. Compliance manager
Suggested Answer: C

Comments

Y0GA
3 months, 3 weeks ago
Selected Answer: C
Per GPT4o, it is C. "The business owner is responsible for the processes and outcomes within their area of the organization. Since the failure of a privileged access control can significantly impact business operations, data integrity, and security, it is essential that the business owner, who has the authority and accountability for the affected area, owns the associated risk." When you ask it questions, make sure to say "use CISM guidelines" for a more accurate answer.
upvoted 1 times
...
shootnot
4 months ago
B- ISM does not own any risk.
upvoted 1 times
...
RunAmok113
4 months, 3 weeks ago
Selected Answer: B
Tough one but B.
upvoted 1 times
...
POWNED
7 months, 2 weeks ago
Selected Answer: C
These questions are always hard for me when accountable is not a word in the question. Hate to have to do this, but ISACA heavily states that the Business owner is always accountable for any risks. Since this question involves failure I am going to correlate own=accountable making the best answer C. I could be wrong, but here is my explanation of why I am going with C.
upvoted 3 times
...
Cyberbug2021
9 months, 3 weeks ago
Selected Answer: B
It's PAM
upvoted 1 times
...
koala_lay
10 months, 3 weeks ago
Selected Answer: B
The most appropriate person to own the risk associated with the failure of a privileged access control is the B. Information security manager. The information security manager is responsible for implementing and maintaining controls related to access management and security. They are specifically trained and experienced in understanding and mitigating the risks associated with privileged access control. They have the knowledge and expertise to monitor and manage the systems, processes, and policies related to privileged access, ensuring that the appropriate measures are in place to protect sensitive information and prevent unauthorized access.
upvoted 4 times
Y0GA
3 months, 3 weeks ago
Management and execution may be more for ISM, but "ownership" usually falls back on the business owner's side. Also... GPT4o gives C. Yeah, it's a weird one but they always throw us off with the damn wording.
upvoted 1 times
...
...
richck102
11 months, 2 weeks ago
Selected Answer: C
C. Business owner
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted